Security Analyst

Job Number:
Job Category:
Information Assurance
Yes, 25% of the time
Day Job
Potential for Teleworking:
Clearance Level Must Currently Possess:
Clearance Level Must Be Able to Obtain:
Public Trust

Leidos has an opening for a Security Analyst to support a large healthcare contract, contingent upon contract award, in the DC Metro area.

Primary Responsibilities:
The Security Analyst will be part of the Leidos team which provides IT repair, maintenance, operations, logistics, and engineering services to ensure secure, reliable, and uninterrupted availability of Enterprise IT Systems. The successful candidate will be an integral member of a team responsible for Security Engineering, Threat Reduction, and Assessment and Authorization of many such systems residing on multiple networks.

The individual will perform security operations support including monitoring, remediation, implementation, configuration, planning, encryption, and tracking in compliance with FISMA and other security-related statutes, regulations, rules, and standards. Provide proactive and scheduled console monitoring of infrastructure and systems in read-only mode in near real time (e.g., hardware, network, batch schedule, interfaces, and table spaces), respond to messages, and take corrective action as required. Utilize, operate, maintain, configure, secure, support, and update a Government security suite for tracking compliance; for remote support, implement and sustain real-time data feeds and/or access as required by the SOC for security monitoring and analysis, and provide access to archived security data for forensics and incident discovery. Work with the customer to modify and maintain firewall rule sets, implement those rule sets, and monitor the log files as well as the normal operation and maintenance of firewalls. Assist the customer in planning and executing the certification and accreditation of its critical systems in compliance with customer, Federal, and NIST guidelines and policies. Support both the review of information systems management, physical, and/or technical security controls and, depending on the results of the review, the authorization by management for the system to operate.

Assist the customer in fully complying with all FISMA reporting requirements and other security audits. Assist in the implementation of a comprehensive set of IT security-related operational policies, procedures, and guidelines that will support the customer's mission and ensure compliance with Federal and customer security requirements.
Execute encryption using the GFE backup system to comply with FIPS 140-2 standards. Through the SOC, operate and maintain a collaborative dashboard where authorized Government personnel can view security-incident data, vulnerability data, compliance data, and security reports and related data. Support all security audits as required by customer. Enter and track security incident reports, enter service desk queue data to initiate ticketing in response to security incidents or compliance issues, and manage remediation of detected vulnerabilities by correlating scanning results against asset management data and intrusion detection system (IDS) incident reports.

Support remediation of issues identified via the Continuous Diagnostics and Mitigation program scanning process.

Travel is expected at 25-40%.


Basic Qualifications:
• Bachelor's degree in a relevant technical discipline with 6+ years of related experience. Additional years of related technical experience may be substituted for the degree.
• Experience using DoD IA tools such as ACAS, SCAP, Vulnerator, STIG, Viewer, Dumpsec, .NET Framework Tool, HBSS.
• Currently possess DoD 8570/8140 certification and computing environment requirements, Security+ce or higher with MCSA Windows 10 or equivalent/higher relevant certification.

Desired Qualifications:
• Ability to clearly convey technical implementation measures and design strategies in compliance with regulation and policy.
• Knowledge of government security controls defined in NIST Special Publication 800-53, DoD Instruction 8500.02, ICD 503.
• Experience configuring and managing patches and STIGs for clients, servers, applications, virtual machines, and network devices.
• Experience mitigating and remediating IAVAs and IAVBs by performing IAVM for networked and non-networked systems and devices.
• Experience conducting audits, risk assessment, threat analysis, contingency planning and implementing security standards and methods.
• Excellent interpersonal skills with the ability to interact with management and staff at all levels.

Leidos Overview:
Leidos is a global science and technology solutions leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported pro forma annual revenues of approximately $10 billion for the fiscal year ended January 1, 2016 after giving effect to the recently completed combination of Leidos with Lockheed Martin's Information Systems & Global Solutions business (IS&GS). For more information, visit www.Leidos.com. The company’s diverse employees support vital missions for government and commercial customers. Qualified women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant laws. Leidos is an Equal Opportunity Employer.